As mobile devices and applications increase in prevalence and sophistication, applications increasingly seek permission to access various components of mobile devices. Moreover, operating systems for mobile devices are increasingly permitting users to custom-tailor what permissions they grant to a particular application. Users may wish to restrict what types of information or hardware an application is permitted to access. For example, a user may wish to allow a social media platform to access geolocation information in order to “check in” at specific locations. As an additional example, a user may wish to block a social media platform from accessing the contacts list on the mobile device. As applications and mobile devices increase in sophistication, however, deciding what permissions to grant and which to deny may become an absurdly byzantine process.
The increasing prevalence of third-party libraries for purposes such as in-app advertising provides many examples in which selecting application permissions can be confusing to an end user. For example, denying a mobile application's access to device ID may interfere with crash and error reporting. Alternatively, denying an application's access to device ID may prevent the application from forwarding that information to a third-party library involved in advertising. Moreover, a hijacked application may insert spurious permission requests for the purposes of stealing a user's information. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for classifying permissions on mobile devices.